Last updated: March 27, 2026
We collect information you provide directly: name, email, password (hashed), organization name, uploaded receipt images, and AI-extracted data. We also collect usage data: IP address, browser type, and access logs.
We use your data to: (a) provide and improve the Service, (b) send processing notifications, (c) manage accounts and billing, (d) analyze aggregated data to improve the Service.
We do not sell your data. We may share data with trusted service providers such as OpenAI for OCR and Microsoft Azure for infrastructure.
We use TLS encryption for data in transit and AES-256 for data at rest. Passwords are hashed with bcrypt. Receipt files are stored in secure MinIO S3-compatible storage.
We retain account data while your account is active. Upon account deletion or plan cancellation, data is deleted within 30 days.
You have the right to: (a) access your personal data, (b) correct inaccurate data, (c) delete your account and all data, (d) export your data. Contact [email protected] to exercise these rights.
We use only essential cookies for authentication and session management. We do not use cookies for advertising.
We may update this Policy periodically and will notify you via email or in-app notification.
For privacy questions, contact us at [email protected]